On Tue, Jul 16, 2024 at 4:55 PM Kamil Dudka <kdu...@redhat.com> wrote: > > On Tuesday, July 9, 2024 12:45:18 PM CEST Siteshwar Vashisht wrote: > > On Sat, Jul 6, 2024 at 2:05 AM Siteshwar Vashisht <svashi...@redhat.com> > > wrote: > > > > > Hello, > > > > > > I am writing this message to get feedback from the community on possibly > > > new defects identified by static analyzers in Critical Path Packages that > > > have changed in Fedora 41. For context, please see my previous email[1]. > > > > > > > There were a large number of false positives reported due to cppcheck > > warning about limiting analysis of branches. > > > > I have added the --check-level=exhaustive option to cppcheck. Here is an > > example report: > > > > Without --check-level=exhaustive: > > > > https://openscanhub.fedoraproject.org/task/242/log/units-2.22-6.fc39/scan-results.html > > As this is a problem with the analysis rather than a problem with the source > code being analyzed, I propose to filter these warnings out in the csmock > plug-in, as we do for cppcheckError, syntaxError, and the like: > https://github.com/csutils/csmock/blob/b3a2279468e7440553d0757b0d93c58791e13e93/py/plugins/cppcheck.py#L68
It should be fixed by the next release of csmock[1]. > > > With --check-level=exhaustive: > > > > https://openscanhub.fedoraproject.org/task/2029/log/units-2.22-6.fc39/scan-results.html > > > > So this issue should not happen in the future. > > The downside of using `--check-level=exhaustive` is that Cppcheck might be > killed by a timeout (set to 30s by default) before reporting other useful > bugs. > > Kamil > > [1] https://github.com/csutils/csmock/pull/181 -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
